angry tapir writes "The Cold War between the USA and the USSR may have ended in 1991, but a new conflict involving the same enemies has emerged on the digital frontier, according to McAfee's US chief security officer. Brett Wahlin, a former North Atlantic Treaty Organization (NATO) counter intelligence agent, told Computerworld Australia that the RSA token hack in March this year – where the token information was used to infiltrate US defense contractor Lockheed Martin – used the same espionage tactics he encountered while serving as an agent from 1987 to 1991 with the US army for NATO."

"It seems the targets like Lockheed Martin are starting to get softened up. This isn't the end game; there is something bigger coming down the pipe and what we are seeing right now is a prelude to that. There could be a new warfare doctrine being created. I was in that world [NATO] for so long that when it looks and feels like a Cold War, there may be something else going down."

Congratulations on the nebulous statements, sir. You rival politicians. Not a single one of these statements is falsifiable. Oh, you're the head of a company that sells remedies to this horrible future? You don't say...

"It seems the targets like Lockheed Martin are starting to get softened up. This isn't the end game; there is something bigger coming down the pipe and what we are seeing right now is a prelude to that. There could be a new warfare doctrine being created. I was in that world [NATO] for so long that when it looks and feels like a Cold War, there may be something else going down."

By asserting that he is only doing this to make money, you are also guilty of making unfalsifiable statements.

Well, the descriptions of the various attacks that led up to Lock-Mart's breaches (including the sustained campaign against RSA) make a lot of analysts think the entire sequence is the activity of some nation's intelligence apparatus. Blaming China just seems like a knee-jerk to me, though. I would ROFL slightly into my waffles if it turned out to be Lulzsec (although those blowhards would have been boasting about it by now) or maybe the French or something. Maybe the Israelis?

Maybe it's a nation, maybe not. It is a group that has access to good tools and gear; but it could have been done by a small independent group using compromised computers to do their attack against the token.

This is the future. Borders, as we know them politically, are going away. The future will be fought by groups scattered across the globe, openly hidden in different nations. As that emerges, old school military tactics will need to change into a more 'poli

Uhhh...how EXACTLY is this ANY different than what we and everybody else has been doing since the beginning of time? Kinda funny how people forget that when a new Mig would come out we would offer a big fat pile of cash and asylum to any pilot who would give us one, just like how China paid farmers in Belgrade to dig up as many parts from that downed F-117 nighthawk as they could find so China could steal the stealth tech.

This is as old as time, and just sticking the word cyber in front of it don't make i

It's different because you can do this hiding out in an Internet Cafe in Mongolia or Central Russia. Before we 'cyberized' things the MiG pilot would have to have the cojones to fly out of Russian airspace. The Chinese had to get sandals on the ground to bribe the locals to find the bits or they had to force a collision between the spy plane and theirs. All with attendant risks of reputation, money and people. Now, not so much.

It's not a black or white issue by any means - it's the same game. But the

Oh, you're the head of a company that sells remedies to this horrible future?

McAfee doesn't sell remedies for anything (other than a remedy for a lack of McAfee software).

None of the "anti-virus" companies do. Because the way they're currently structured is as a reactive process.

Bad guys release a new "virus".
Users get infected.
Someone sends the infected files to McAfee.
McAfee releases new "signatures" to detect the new virus.
Repeat.

And McAfee makes a lot of money off of that process. Meanwhile, users keep getting infected by "mal-ware". It's so bad that you cannot even depend upon McAfee to detect all the "mal-ware" that is detected by other anti-virus products from a week ago. Why should you need to run multiple scans from multiple products to clear a Windows machine?

Where's the bootable CD from McAfee that will at least be able to identify what is known to be a regular Windows file and what has not been identified before? With a way to move those questionable files to external storage / submit them to McAfee?

But why spend money on something that might help? Particularly when just giving interviews about how things MIGHT get worse will generate more revenues for your company?

I'd suggest this is how doctors work as well. It's poor engineering, but I'd bet people would claim it's the best we've got. It's the proactive/reactive IT debate. Is it better to keep locked down, smoothly running machines that fail at your expense? Or do you keep open systems that fail at the whim and fancy of your co-workers with you as their hero every time it's fixed? Human nature points people towards the poor option.

I'd suggest this is how doctors work as well. It's poor engineering, but I'd bet people would claim it's the best we've got. It's the proactive/reactive IT debate. Is it better to keep locked down, smoothly running machines that fail at your expense? Or do you keep open systems that fail at the whim and fancy of your co-workers with you as their hero every time it's fixed? Human nature points people towards the poor option.

I'd argue that the former option (inarguably the better option from a security standpoint) can be very risky from a career standpoint. If you don't get it perfect the first time (and you won't), people will assume incompetence from you as you get everything working smoothly, and bitch and complain every time they can't do exactly what they want without going through you. You get labeled a tyrant, and even if you are very, very good and good with people, the wrong impression could leave you without a job.

Most people, when told by their doctor, "You need to lose weight or you'll get diabetes," do what? That's right, nothing. "You should be exercising for 30 min. 4 times a week," and yet most people don't change their habits. "You should have a biannual checkup, and get a colonoscopy every 5 years, a mammogram or prostate exam...."

Yes there are some things that doctors must take from a reactionary standpoint. But since we don't have magic pills yet, the only proactiv

None of the "anti-virus" companies do. Because the way they're currently structured is as a reactive process.

Well, certainly not McAfee anyway. There are anti-virus packages with heuristic analysis, and supposedly those occasionally do something, but I've never personally seen a scanner catch anything with it.

Funny you should say that as I've found while Horton and McCrappee do suckth the big wet titty I've found a couple of free AVs that knock on plastic have actually been pretty damned good at keeping bugs out of my users' PCs, and that is Comodo IS Free and Avast Free of all things. Both use HIPS and default sandboxing to treat everything unknown as a possible infection, and use behavioral analysis as well as sigs.

Comodo is great for those that like to tweak settings and fiddle, as everything is customizable,

Bingo. I want to see an AV program that includes a bootable DVD, and can not just do an offline check for viruses and malware like the stinger.exe, but do serious heuristic checking. Some executable not Authenticode signed that is a Windows system file? Flag it, and optionally ask for install media to fix it after the executable is saved to a quarantine area. Another executable a different SHA-512 hash than what is in the original copy of Windows, or subsequent patches? Move it aside and replace it wit

Ambitious. I don't know if this is technically feasible -- since Win7 and all other MS OS' seem to inevitably be dynamic (i.e. big, imperfect, and thus updated with frequent patches) -- but if you build it or find it, please report back here.

I, for one, would probably buy it.

PS: McAfee, btw, bought Secure Computing, another OTP vendor and a major competitor to RSA, in 2008.

It shouldn't be too difficult to keep hashes of an OS's executables and libraries, even with the updates coming out. Probably easier than trying to keep abreast of new signatures of malware.

Of course, software not aware of what programs should hook into a machine might cause startup items like the HP printer driver stuff and reminders of having to buy ink to go away, but I'm sure most users would rather have disabled startup items than missed items which contain malware.
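The baseline-hash check proposed in the two comments above, sketched as an added example that is not part of any comment in this thread: each file is compared against a catalogue holding every accepted SHA-512 digest for its path (original release plus later patches), and anything that mismatches or was never catalogued is moved to a quarantine directory. The file names, contents and catalogue are constructed for illustration and stand in for a real OS file list.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

def sha512_file(path: Path) -> str:
    """Stream the file so large binaries are not loaded into memory."""
    h = hashlib.sha512()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def audit(root: Path, known_good: dict, quarantine: Path) -> dict:
    """known_good maps a relative path to the SET of acceptable digests
    (original release plus each later patch level)."""
    report = {"ok": [], "modified": [], "unknown": [], "missing": []}
    seen = set()
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        rel = path.relative_to(root).as_posix()
        seen.add(rel)
        if rel not in known_good:
            verdict = "unknown"      # never catalogued: flag, do not trust
        elif sha512_file(path) in known_good[rel]:
            verdict = "ok"           # matches the release or a known patch
        else:
            verdict = "modified"     # catalogued path, unexpected content
        report[verdict].append(rel)
        if verdict != "ok":
            dest = quarantine / rel
            dest.parent.mkdir(parents=True, exist_ok=True)
            shutil.move(str(path), str(dest))  # move aside, never delete
    report["missing"] = sorted(set(known_good) - seen)
    return report

def demo() -> dict:
    """Constructed sample: a fake system directory, not real Windows files."""
    with tempfile.TemporaryDirectory() as tmp:
        root, quarantine = Path(tmp, "system"), Path(tmp, "quarantine")
        (root / "drivers").mkdir(parents=True)
        digest = lambda b: hashlib.sha512(b).hexdigest()
        known_good = {
            "kernel.bin": {digest(b"release"), digest(b"patch-1")},
            "shell.bin": {digest(b"release")},
            "drivers/disk.sys": {digest(b"release")},
        }
        (root / "kernel.bin").write_bytes(b"patch-1")       # patched: still ok
        (root / "shell.bin").write_bytes(b"tampered")       # hash mismatch
        (root / "drivers" / "extra.sys").write_bytes(b"?")  # never catalogued
        report = audit(root, known_good, quarantine)
        report["quarantined"] = sorted(
            p.relative_to(quarantine).as_posix()
            for p in quarantine.rglob("*") if p.is_file())
        return report
```

Running the audit from separate boot media, as the earlier comment suggests, matters because a compromised running system can misreport file contents to the scanner.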

Anti-virus software is primarily reactive. Proactive is typically called patching (if you catch it in time, though that can become reactive as well).

However, some anti-virus software does have a feature to detect virus-like behavior though it's not 100% successful. Additionally - anti-virus companies (at least Norton) have teams that are essentially white hats who look for new vulnerabilities and methods of virus delivery and obfuscation.

Both North Korea and Red China were participants in the Cold War, more or less (from the perspective of US strategic planning) on the side of the USSR. Of course, there was ample wargaming and what-if planning on scenarios involving China or Korea independent of the Russians, or even in opposition; even the most raving foaming-at-the-mouth anti-Communist had to acknowledge that the East Asian side of the Iron Curtain was separable from the Near-European side.

If he succeeds in selling the idea that there is a new Cold War which oh so happens to be fought with the product his company sells then he is in line to get a hefty ton of money from people spending money on their quackery. There is a reason why all of a sudden McAfee started complaining about losing the war on computer security and companies such as IBM started warning that there is a supercomputer arms race between China and the US and the US was about to lose. It's all about generating demand where there is none and creating a market for something which isn't needed.

There lies a fundamental difference between the USSR vs. USA Cold War and the so-called USA vs. China Cold War: the USA just might collapse under its own weight just as the USSR did. America does not have the collective scientific, engineering, and military resources it once had. Our military is strung thin and war weary and our mathematicians, computer scientists, and engineers are going into financial careers. Our economy has stagnated with unemployment at a high for this century. Also, our infrastructure such as roads, bridges, electrical grid, etc. is crumbling whereas in China it is growing. Towards the end of the first cold war, conditions in the USSR were economically very, very bad and there was an omnipresence of political infighting which ultimately led to its demise. History may repeat itself yet again since similar conditions can be found here in the USA.

You actually can say this on a public forum. Soviet leadership made our politicians (now and then) look like honest Abe. While we get plenty of propaganda we also have plenty of sources telling us the truth (or as close as they can get). What's worse, is that their leadership even started believing the propaganda.

At the tail end of the cold war in the late 1980s, you probably could say things like this due to the concepts of Troika and Perestroika. These two concepts roughly equate to free and openness. In a last ditch attempt to keep the politburo in some sort of power, they allowed published criticisms. In the end, it was the politburo's undoing. Towards the end of the USSR, a somewhat limited freedom of the press and limited capitalism were allowed. So, the factor is not quite as large as it may seem. The U

This is the robotic response spouted by everyone who wants to counter any comparison of the US with China or the USSR. Please think for yourself for a moment, and don't boil the entire world down to free speech. While free speech is important, it in itself is also neither a monolithic right nor a clear-cut win for the US. There are shades of grey in what can and can't be said on both sides of the world, though it can be argued that China and the Soviets had less rights.

How are we supposed to even try to compete when politicians are doing everything they can to decrease overall competitiveness? They won't pay for education so that the brightest minds can actually learn the necessary knowledge whatever it is. They won't pay to build infrastructure to actually take advantage of those bright minds. They won't pass a competitive budget to fund it all because they don't want to raise taxes.

So basically politicians are arguing about who will pay the Chinese and how. They aren't even t

Fallacy: If you made college free in the USA, you would not get more engineers. You would get more English and Basket-Weaving majors. Of this, I am certain. The fundamental flaw in our system, is rooted in our failing methods of math and science (mostly math) education for GRADE SCHOOL children. Our kids start behind, and they stay behind. With the exception of the top 5%, very few can handle math beyond algebra in secondary school. And most of the sciences rely on math this advanced. (actually, far bey

i remember the old days when AT&T was a real monopoly and you could only get a home telephone from an AT&T store. back in the 80's it was $80 for a cheapo rotary dial phone.

back in those days the smartest people worked for the government or a contractor and new tech first showed up in huge government projects and then decades later filtered to us civilians. this started to change in the late 1990's with the internet and now with mobile phones and other devices. now everyone gets new t

If you sell hacked information or talk about telco systems, what has changed? http://en.wikipedia.org/wiki/Karl_Koch_(hacker) - was found burned to death with gasoline in a forest near Celle in 1989.
Post cold war if you talk in open court about the reality of cell phone tracking eg. Adamo Bove was the head of security at Telecom Italia.
He was found under a freeway overpass.
Costas Tsalikidis http://en.wikipedia.org/wiki/Kostas_Tsalikidis was a 38-year-old software engineer for Vodafone in Greece.
He uncovered a highly sophisticated bug embedded in the mobile network. Spyware eavesdropped on the Greek Prime Minister and other top officials’ cell phone calls; it even monitored the car phone of Greece’s secret service chief.
His mother found him hanging outside of his apartment bathroom in 2005.
What's changed? The front end is a MS/token sellers hourly dream that attracts UFO hunters using 56k modems. The back end seems the same.

As others have said, this article and many others are the primer for FUDing the public to allow the internet to be locked down into governmenland-net--or at least being too apathetic to care when it happens. OMGTEHHAXORS WILL RUIN US DONT FIX OUR NETWORKZ OR INTERNETZ JUST MAKE IT MORE SECUR LIKE DA TSA DOEZ AIRPORTZ!!!!@#!@#

Considering how badly McAfee's enterprise security software sucks ass, this guy is the last person I'd take security advice from.

I'm not just blowing smoke here, I've worked in IT at companies large and small for 20 years, and every time an employer has used a McAfee anti-whatever solution, I've seen more viruses and malware infected users than you can imagine. Their software simply does not work. I certainly wouldn't recommend it to anyone scared of the cyber-future. Maybe he'll drive some business to Nort

I have ended up deploying McAfee on IBM and Oracle hardware. Not that AIX gets viruses (other than the directory that is shared via CIFS with the Windows boxes), but that it allows me to tick off a check-box saying "all computers, regardless of OS, have ICSA labs certified antivirus software running on them."

The only thing changing is that IT in general is generally considered a "cost center" to trim, IT security an even less indirectly profitable component of that cost center, and management of most organizations is becoming more aggressive at reducing that cost. Add outsourcing and subcontracting issues and you end up with a system where there is real interest only in having an appearance of security, and standard practices revolve around plausible deniability and passing the buck.

Russia has their own problems. When communism went down, they had a power vacuum, which was filled by organized crime. For a while, Russia had rule by "oligarchs". Putin managed to get the biggest oligarchs under control, the ones big enough to challenge national power. But there are still too many crooks per capita left, and they tend to be too closely tied to parts of the Government.

This is why we have so much trouble with various computer attacks out of Russia. Some are private, some may be actual mi